Technology
Scammers can exploit your data from just 1 ChatGPT search
ChatGPT and other large language models (LLMs) have become amazing helpers for everyday tasks. Whether it’s summarizing complex ideas, designing a birthday card or even planning your apartment’s layout, you can get impressive results with just a simple prompt. But as helpful as these AI tools are, their convenience comes with hidden risks, especially when it comes to your personal privacy.
Join the FREE “CyberGuy Report”: Get my expert tech tips, critical security alerts and exclusive deals, plus instant access to my free “Ultimate Scam Survival Guide” when you sign up!
A man using ChatGPT on his laptop (Kurt “CyberGuy” Knutsson)
How these tools work and why that matters
If you haven’t tried an LLM like ChatGPT before, here’s the gist: They’re advanced language processors that chat with you through text. No special commands or coding needed, just type what you want to know or do, and they respond. For example, asking “Why is the conclave kept secret?” will get you a detailed explanation in seconds.
This simplicity is what makes LLMs so useful, but it also opens the door to risks. Instead of harmless questions, someone could ask for a detailed profile on a person, and the model might generate a surprisingly thorough report. While these tools have safeguards and often refuse certain requests, clever phrasing can sometimes bypass those limits.
Unfortunately, it doesn’t take much effort for someone to use ChatGPT to gather personal information about you. But don’t worry, there are ways to protect yourself from this kind of digital snooping.
A person using ChatGPT on their phone (Kurt “CyberGuy” Knutsson)
WHAT HACKERS CAN LEARN ABOUT YOU FROM A DATA BROKER FILE
How to stop it
These AI tools don’t just pull information out of thin air. They need to access real online sources to work. In other words, your data is already out there on the internet; AI tools just make it easier to find. And if you look at the sources, most of the information you wouldn’t want shared online, like your address, relatives and so on, is made public by people-search sites. Other sources include social media, like LinkedIn and Facebook, as well as public databases. But none of them are as invasive as people-search sites.
Let’s see what you can do to limit how much of your information is exposed online.
A woman using ChatGPT on her laptop (Kurt “CyberGuy” Knutsson)
THINK YOU CAN DELETE YOUR OWN DATA? WHY IT’S HARDER THAN YOU THINK
Essential steps and precautions to protect your privacy
To effectively safeguard your personal information from being exposed or misused, it’s important to follow these steps and adopt key precautions.
1) Opt out of people-search sites one by one
Although not all people-search sites are required to offer it, most of them do provide an option to request an opt-out. But that comes with a few challenges.
Where to start: Identifying people-search sites that expose your personal information
There are hundreds of people-search sites registered in the U.S. Going through each and every one is, realistically speaking, impossible. You’ll need to narrow your search somehow.
Using AI tools: How to find and list data broker sites with your personal data
Use AI tools and ask them to run a deep search on yourself. It’s not a perfect or complete solution; LLMs tend to shorten their responses to save resources. But it will give you a good starting point, and if you keep asking for more results, you should be able to put together a decent list of people-search sites that might have your profile.
Submitting opt-out requests: How to remove your information from people-search sites
Now, you’ll have to go through each of these people-search sites and submit opt-out requests. These usually aren’t complicated, but they’re definitely time-consuming. The opt-out forms are typically located at the bottom of each site, in the footer. The naming can vary from “Do Not Sell My Info” to “Opt-Out” or something similar. Each people-search site is a little different. Opting out of every people-search site that exposes your personal information is a mammoth task. I’ve discussed it in more detail here. Alternatively, you can automate this process.
A woman using ChatGPT on her laptop (Kurt “CyberGuy” Knutsson)
DATA REMOVAL DOES WHAT VPNS DON’T: HERE’S WHY YOU NEED BOTH
2) Opt out using data removal services
Data removal services are real-time and energy savers when it comes to protecting your personal information online. The way these services work is simple. They send hundreds of data removal requests on your behalf to people-search sites you might not even know exist but are still exposing your data. And with some services, the process goes even further than that.
People-search sites aren’t the only places exposing your personal information without your knowledge. In fact, they’re just a small part of the larger data broker industry.
There are marketing, health, financial, risk and many other types of data brokers trading your information. Your data is a commodity they use to make a profit, often without you even realizing it.
Data removal services have taken on the challenge of fighting this threat to your privacy. They continuously scour the web, looking for your profiles. This way, you can just sign up and let them handle the work in the background. And here’s the best part: They take about 10 minutes to set up, roughly the same time it takes to opt out of a single people-search site.
- Go to a data removal service that fits your needs
- Choose a subscription plan
- Provide the minimal information needed for them to effectively locate your profiles on people-search sites
And that’s it. The removal process is entirely automated and requires little to no effort on your part. With this small initial effort, you may save yourself from privacy-related risks, including scams and even identity theft. But what if your data is exposed on a people-search site not covered by any data removal service?
Every removal service out there has limitations on the number of data brokers it supports. It’s not about a lack of effort; it’s mostly because brokers are generally unwilling to cooperate, to put it mildly. But there’s a way to address this issue without going back to manual opt-outs. The top names in the data removal industry now offer custom removals. In simple terms, this means you can ask them to remove your personal information from websites not currently covered by their standard plans.
The catch is that you’ll need to do the research yourself and point out which sites are exposing your data. It’s not as convenient as having everything done automatically, but it’s a relatively minor inconvenience for the sake of your online privacy.
Check out my top picks for data removal services here.
3) Be careful what you share with AI tools
Being mindful of the information you provide to AI tools is the first and most crucial step in protecting your privacy. Don’t share sensitive details such as your full name, home address, financial information, passwords or any other personal data that could be used to identify or harm you or others.
4) Secure your AI accounts
Protecting your AI accounts from unauthorized access helps keep your interactions and data safe. Always use strong, unique passwords and consider using a password manager to generate and store those complex passwords. Enable multifactor authentication whenever possible to add an extra layer of security. Regularly review your account permissions and remove access for any devices or applications you no longer use. Get more details about my best expert-reviewed password managers of 2025 here.
5) Review and tighten social media privacy
Adjusting your social media privacy settings can greatly reduce the amount of personal information available to data brokers. Make your profiles private, limit who can see your posts and be selective about accepting friend or follower requests. Periodically audit your privacy settings and remove any unnecessary third-party app connections to further minimize your exposure.
6) Use strong antivirus software
Protecting your devices with strong antivirus software adds an essential layer of security against digital threats. Antivirus programs defend against malware, phishing and identity theft. Be sure to choose reputable software and regularly update it to stay protected against the latest threats. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
7) Use alias emails for opt-outs and online forms
Using a dedicated email address for opt-outs and online sign-ups helps reduce spam and protects your primary email. This practice also makes it easier to track which sites and services have your contact information. If your alias email becomes compromised, you can quickly change it without disrupting your main accounts. See my review of the best secure and private email services here.
Get a free scan to find out if your personal information is already out on the web.
Kurt’s key takeaways
Large language models like ChatGPT are transforming how we work, create and solve problems, but they also introduce new privacy and security risks that can’t be ignored. As these tools become more powerful and accessible, it’s up to each of us to take proactive steps to safeguard our personal information and understand where our data might be exposed. By staying alert and making use of available privacy tools, we can enjoy the benefits of AI while minimizing the risks.
Should OpenAI be held legally accountable when its tools are used to collect or expose private data without consent? Let us know your experience or questions by writing us at Cyberguy.com/Contact. Your story could help someone else stay safe.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Microsoft has identified issues upon installing the January 2026 Windows security update. To address these issues, an out-of-band (OOB) update was released today, January 17, 2026.
– Connection and authentication failures in remote connection applications: This issue affects multiple platforms including Windows 11, version 25H2; Windows 10, version 22H2 ESU; and Windows Server 2025. See the bottom of this message for the complete list of affected products.
-Devices with Secure Launch might fail to shut down or hibernate: This issue only affects Windows 11, version 23H2.
NEWYou can now listen to Fox News articles!
Brightspeed, one of the largest fiber broadband providers in the United States, is investigating claims that hackers stole sensitive data tied to more than 1 million customers.
The allegations surfaced when a group calling itself the Crimson Collective posted messages on Telegram warning Brightspeed employees to check their email. The group claims it has access to over 1 million residential customer records and threatened to release sample data if the company does not respond.
At this point, Brightspeed has not confirmed a breach. However, the company says it is actively investigating what it calls a potential cybersecurity event.
DATA BREACH EXPOSES 400,000 BANK CUSTOMERS’ INFO
Fiber networks carry massive amounts of personal data, which makes internet providers attractive targets for extortion groups. (Philip Dulian/picture alliance via Getty Images)
Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter
What the hackers say they stole
According to Crimson Collective, the stolen data includes a wide range of personally identifiable information. The group claims it has access to:
- Customer names, email addresses and phone numbers
- Home and billing addresses
- User account details linked to session or user IDs
- Payment history and partial payment card information
- Appointment and order records tied to customer accounts
If accurate, that combination of data could create serious identity theft and fraud risks for affected customers.
Brightspeed responds to the allegations
Brightspeed says it takes the situation seriously, even as it continues to verify the claims.
In a statement shared with BleepingComputer, the company said it is rigorously monitoring threats and working to understand what happened. Brightspeed added that it will keep customers, employees and authorities informed as more details become available.
So far, there has been no public notice on Brightspeed’s website or social media channels confirming customer data exposure.
Who Brightspeed is and why this matters
Brightspeed is a U.S. telecommunications and internet service provider founded in 2022 after Apollo Global Management acquired local exchange assets from Lumen Technologies.
Headquartered in Charlotte, North Carolina, the company serves rural and suburban communities across 20 states. It has rapidly expanded its fiber footprint, passing more than 2 million homes and businesses and aiming to reach over 5 million locations.
Because Brightspeed focuses on underserved areas, many customers rely on it as their primary internet provider. That makes any potential breach especially concerning.
A closer look at Crimson Collective
Crimson Collective is not new to high-profile targets. In October, the group breached a GitLab instance tied to Red Hat, stealing hundreds of gigabytes of internal development data.
That incident later rippled outward. In December, Nissan confirmed that personal data for about 21,000 Japanese customers was exposed through the same breach.
More recently, researchers say Crimson Collective has targeted cloud environments, including Amazon Web Services, by abusing exposed credentials and creating rogue access accounts to escalate privileges.
In other words, the group has a track record that makes its claims hard to ignore.
What this could mean for customers
Even though Brightspeed has not confirmed a breach, the claims alone are enough to raise red flags. If customer data was accessed, it could be used for phishing scams, account takeovers or payment fraud.
Cybercriminals often move fast after breaches. That means customers should stay alert even before an official notice appears.
CyberGuy reached out to Brightspeed for comment, and a spokesperson told us,
“We take the security of our networks and protection of our customers’ and employees’ information seriously and are rigorous in securing our networks and monitoring threats. We are currently investigating reports of a cybersecurity event. As we learn more, we will keep our customers, employees, stakeholders and authorities informed.”
JANUARY SCAMS SURGE: WHY FRAUD SPIKES AT THE START OF THE YEAR
How to protect your personal data and online accounts
Even if this Brightspeed investigation does not end up impacting your account, these steps are worth following. Most data breaches lead to the same downstream risks, like phishing scams, account takeovers and identity theft. Building these habits now can help protect you across all your online accounts.
Cybercriminals often use public posts and countdowns to pressure companies into responding quickly. (Sebastian Kahnert/picture alliance via Getty Images)
1) Watch for phishing attempts
Scammers often take advantage of breach headlines to create panic. Be cautious with emails, calls or texts that mention your internet account billing problems or service changes. If a message pushes urgency or pressure, pause before responding.
2) Avoid suspicious links and attachments
Do not click links or open attachments tied to account notices or payment issues. Instead, open a new browser window and go directly to the company’s official website or app. Strong antivirus software adds another layer of protection against malicious downloads.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
3) Update your account passwords
Change your Brightspeed account password and review passwords on other important accounts. Use strong, unique passwords that you do not reuse elsewhere. A trusted password manager can generate and store complex passwords, which makes account takeovers much harder.
Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com
4) Reduce your data footprint
Personal data spreads quietly across data broker sites. Using a data removal service can help limit how much of your information is publicly available. Less exposed data means fewer opportunities for scammers to target you.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com
5) Turn on account alerts
Brightspeed lets customers turn on account and billing alerts through the My Brightspeed site or app. You can choose which notifications you receive by email or text. Alerts can help you catch unusual activity early and respond before more damage occurs.
6) Monitor your financial accounts closely
Check bank and credit card statements often. Look for small or unfamiliar charges since criminals sometimes test stolen data with low-dollar transactions before attempting larger fraud.
7) Consider fraud alerts or a credit freeze
If sensitive information may have been exposed, placing a fraud alert or credit freeze can add protection. These steps make it harder for criminals to open new accounts in your name. To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.”
You may also want to consider an identity theft protection service that monitors for suspicious activity and sends alerts. Identity Theft companies can monitor personal information like your Social Security number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com
When personal and billing information is exposed, the risk extends beyond one company to everyday customers. (Pixelfit/Getty Images)
Kurt’s key takeaways
Brightspeed’s investigation is still unfolding, and the company says it will share updates as it learns more. Until then, the claims highlight how valuable customer data has become and how aggressively extortion groups are targeting infrastructure providers. For customers, caution is the best defense. For companies, transparency and speed will matter if these claims turn out to be real.
Do you feel companies are doing enough to keep your personal data safe? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter
Copyright 2026 CyberGuy.com. All rights reserved.
Setapp Mobile was a bold, breakthrough project that aimed to provide EU iOS users with access to alternative app marketplaces – creating a new app ecosystem where both developers and users could thrive. We are proud of what we have accomplished with it over the past two years and still believe passionately in this vision.
As a result of still-evolving commercial conditions, we have determined that it is not viable to continue development or support for Setapp Mobile within Setapp’s current business model.
While we are disappointed to discontinue Setapp Mobile, we are looking forward to pursuing the development of other innovations. We are excited to focus efforts on various projects that will launch later this year. This includes Eney, a first-of-its-kind AI assistant native to macOS, and new enhancements to Setapp Desktop.
Deandre Ayton has big night as Lakers run past the Raptors
Billionaires have more money and political power than ever, Oxfam says
Parts of Florida receive rare snowfall as freezing temperatures linger
One of Tyler Robinson’s last meals as a free man may have been a steak dinner — medium rare
ICE says 2 demonstrators were arrested in Minnesota for allegedly assaulting officers
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Video: ‘It Didn’t Have to Happen This Way:’ U.Va. Faculty Call for Review of Police Response to Protests
Billionaires have more money and political power than ever, Oxfam says
Parts of Florida receive rare snowfall as freezing temperatures linger
Did Hunter S. Thompson Really Kill Himself?
Wife of former American detainee released after more than a year in Venezuelan prison
What is the EU's anti-coercion instrument, and how does it work?
-
Montana1 week agoService door of Crans-Montana bar where 40 died in fire was locked from inside, owner says
-
Delaware1 week agoMERR responds to dead humpback whale washed up near Bethany Beach
-
Virginia1 week agoVirginia Tech gains commitment from ACC transfer QB
-
Montana1 week ago‘It was apocalyptic’, woman tells Crans-Montana memorial service, as bar owner detained
-
Minnesota1 week agoICE arrests in Minnesota surge include numerous convicted child rapists, killers
-
Lifestyle4 days agoJulio Iglesias accused of sexual assault as Spanish prosecutors study the allegations
-
Oklahoma1 week agoMissing 12-year-old Oklahoma boy found safe
-
Oregon1 week agoDan Lanning Gives Oregon Ducks Fans Reason to Believe